Off-site Data Protection
   HOME

TheInfoList



Click Here for Items Related To - Off-site Data Protection
OR:
Off-site Data Protection on:   [Wikipedia]   [Google]   [Amazon]

In
computing Computing is any goal-oriented activity requiring, benefiting from, or creating computing machinery. It includes the study and experimentation of algorithmic processes, and development of both hardware and software. Computing has scientific, e ...
, off-site data protection, or vaulting, is the strategy of sending critical data out of the main location (''off'' the main ''site'') as part of a
disaster recovery plan Given organizations' increasing dependency on information technology to run their operations, Business continuity planning covers the entire organization, and Disaster recovery focuses on ''IT''. Auditing of documents covering an organization's ' ...
. Data is usually transported off-site using removable storage media such as
magnetic tape Magnetic tape is a medium for magnetic storage made of a thin, magnetizable coating on a long, narrow strip of plastic film. It was developed in Germany in 1928, based on the earlier magnetic wire recording from Denmark. Devices that use magne ...
or
optical storage IBM defines optical storage as "any storage method that uses a laser to store and retrieve data from optical media." '' Britannica'' notes that it "uses low-power laser beams to record and retrieve digital (binary) data." Compact disc (CD) an ...
. Data can also be sent electronically via a
remote backup service A remote, online, or managed backup service, sometimes marketed as cloud backup or backup-as-a-service, is a service that provides users with a system for the backup, storage, and recovery of computer files. Online backup providers are companies ...
, which is known as ''electronic vaulting'' or ''e-vaulting''. Sending backups off-site ensures systems and servers can be reloaded with the latest data in the event of a disaster, accidental error, or system crash. Sending backups off-site also ensures that there is a copy of pertinent data that isn’t stored on-site. Although some organizations manage and store their own off-site backups, many choose to have their backups managed and stored by third parties who specialize in the commercial protection of off-site data.


Data vaults

The storage of off-site data is also known as vaulting, as backups are stored in purpose-built vaults. There are no generally recognized standards for the type of structure which constitutes a vault. That said, commercial vaults typically fit into three categories: * Underground vaults – often converted defunct cold war military or communications facilities, or even disused mines. * Free-standing dedicated vaults * Insulated chambers sharing facilities – often implemented within existing record center buildings.


Hybrid on site and off-site vaulting

Hybrid on-site and off-site data vaulting, sometimes known as Hybrid Online Backup, involve a combination of Local backup for fast backup and restore, along with Off-site backup for protection against local disasters. According to Liran Eshel, CEO of CTERA Networks, this ensures that the most recent data is available locally in the event of need for recovery, while archived data that is needed much less often is stored in the cloud. Hybrid Online Backup works by storing data to local disk so that the backup can be captured at high speed, and then either the backup software or a D2D2C (Disk to Disk to Cloud) appliance encrypts and transmits data to a service provider. Recent backups are retained locally, to speed data recovery operations. There are a number of cloud storage appliances on the market that can be used as a backup target, including appliances from
CTERA Networks CTERA Networks is a privately held enterprise software company headquartered in New York and Israel. The company has regional offices in the UK, Italy, France, Spain, Germany, and Australia.
,
Nasuni Nasuni is a privately-held hybrid cloud storage company with headquarters in Boston, Massachusetts. History Nasuni was founded in 2008, and has raised approximately $169M, with the last funding a $25M investment in which all previous investors ...
, StorSimple and TwinStrata.Boles, Jeff
Hybrid cloud backup: D2D2C emerging as a viable data backup strategy
SearchDataBackup, 2 May 2011


Statutory obligations

Data Protection Statutes are usually non-prescriptive within the commercial IT arena in how data is to be protected, but they increasingly require the active protection of data. United States Federal entities have specific requirements as defined by the U.S. National Institute of Standards and Technology (NIST). NIST documentation can be obtained at http://csrc.nist.gov/publications/PubsSPs.html and commercial agencies have the option of using these documents for compliance requirements. * History – today's regulatory requirements started with the "Rainbow" Series. Every organization has used these standards to develop "their" version of compliance – don't get wrapped around the NIC on compliance – use "Due Care" and apply "Due Diligence" and base your infrastructure using "SECURITY" as the foundation. Statutes which mandate the protection of data are: * Federal Information Systems Management Act (FISMA) – US * GAO Federal Information System Controls Audit Manual (FISCAM) – US * Health Insurance Portability and Accountability Act (HIPAA) – US * Sarbanes–Oxley (SOX) – US *
Basel II Basel II is the second of the Basel Accords, which are recommendations on banking laws and regulations issued by the Basel Committee on Banking Supervision. It is now extended and partially superseded by Basel III. The Basel II Accord was publis ...
– International – US * Gramm-Leach-Bliley (GLBA) – US *
Data Protection Act 1998 The Data Protection Act 1998 (DPA, c. 29) was an Act of Parliament of the United Kingdom designed to protect personal data stored on Computer, computers or in an organised paper filing system. It enacted provisions from the European Union (EU) Da ...
– UK * Foreign Corrupt Practices Act ("FCPA") – US


Legal precedents

* Thomas F. LINNEN, et al v. A.H. ROBINS COMPANY, INC., et als, (Mass. Super. Court, No. 97-2307). * Linnen v. Robins, 1999 WL 462015, 10 Mass. L.Rptr. 189 (Mass Super. Court, 1999). * FJS Electronics v. Fidelity Bank * Zubulake v. UBS Warburg * Coleman (Parent) Holdings, Inc. v. Morgan Stanley & Co. Inc., 2005 Extra LEXIS 94 (Fla. Cir. Ct. Mar. 23, 2005).


See also

*
Backup In information technology, a backup, or data backup is a copy of computer data taken and stored elsewhere so that it may be used to restore the original after a data loss event. The verb form, referring to the process of doing so, is "back up", w ...
(as off-site data protection is part of a comprehensive backup strategy) *
Remote backup service A remote, online, or managed backup service, sometimes marketed as cloud backup or backup-as-a-service, is a service that provides users with a system for the backup, storage, and recovery of computer files. Online backup providers are companies ...
*
Comparison of online backup services This is a comparison of online backup services. Online backup is a special kind of online storage service; however, various products that are designed for file storage may not have features or characteristics that others designed for backup have ...
*
Bare-metal restore Bare-metal restore is a technique in the field of data recovery and restoration where the backed up data is available in a form that allows one to restore a computer system from "bare metal", i.e. without any requirements as to previously installed ...


References

* ''Protecting Data Off-Site''. Gerard Nicol 2006 {{DEFAULTSORT:Off-Site Data Protection Computer security procedures Corporate law Disaster recovery Backup